Solved

Exchange 2010 errors communicating with Domain Controllers

Posted on 2013-06-11
6
386 Views
Last Modified: 2013-08-11
I have three Hyper-V Servers all on one physical machine,
1. Domain Controller 1 running WIndows 2012
2. Domain Controller 2 Running Windows 2012
3. Exchange 2010 running Windows 2008 R2

after a few months running just fine, suddenly the Exchange server is complaining it cannot find the DC's.

I get the Application Error logs saying Event ID 2604 MSExchangeADAccess
Eventi ID 2103, 2114, and 2102.

I already looked at the Default Domain Security settings where you make sure it is the Local Domain Controllers policy and not just the Local Domain policy.

Then I reboot and it seems fine...for awhile. Any ideas?
0
Comment
Question by:garyoh
  • 4
  • 2
6 Comments
 
LVL 13

Expert Comment

by:Jaihunt
ID: 39236969
Hi

Did you check any DNS issues in the DC's. Check Network issues also. What is the primary and secondary DNS settings for the DC's.

Thanks
  Jai
0
 

Author Comment

by:garyoh
ID: 39238372
For the dc's, I have each one pointing to itself first and to the other second.
I did have a strange thing when I pinged the dc's from the exchange box by name: it pinged the IP v6 address and all boxes now have IP v6 disabled in the net adapter properties. Should I have IP  v6 on? I also see IP v6 entries in the DNS tables on both dc's. also when I run dcdiag, I do get some errors about replication. Should I have IP v6 all on or all off? And, if all off, should I manually delete all IP v6 entries in the DNS tables? Just curious.
0
 
LVL 13

Expert Comment

by:Jaihunt
ID: 39238397
Disable the IPv6 and remove the entries also make sure you are able to resolve the dc from exchange. what replication errors you get from DC
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:garyoh
ID: 39238597
I did mention these are all Hyper-V instances on a single physical server, right? I don't know if that matters or not. I would not think so.

When I tried to ping the dc's from the exchange server, I get this:
Pinging DC2012-1.mydomain.local from [ipv6 address] with 32 bytes of data:
General failure.
General failure.
General failure.
General failure.
ping statistics for [ipv6 address]:
sent=4, received = 0

when I run "dcdiag /s:DC2012-1", I get errors here:
"NCSecDesc
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have Replicating Directory Changes in Filtered Set access rights for the naming context:
...all the DC stuff here"

That's it.

I did go into the DNS servers and remove the ip v6 entries from there except for two which are these:
in forward Look zones --> mydomain.local --> there is a "(same as parent folder) IPv6 (AAAA) [IPv6 Address] and a date"
Should those get deleted as well?

Thanks for your help
0
 

Accepted Solution

by:
garyoh earned 0 total points
ID: 39386549
We called Microsoft Tech Support and got them involved. The solution was completed by a Tech there with one of my techs. Unfortunately, I have no input on the final solution. Sorry.
0
 

Author Closing Comment

by:garyoh
ID: 39399511
No solution was provided except by MS.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now